Legal claims defining the scope of protection, as filed with the USPTO.
1. A network element comprising: a short range transceiver, said transceiver adapted to communicate with a configuration device in order to authenticate the network element and adapted to establish a secure channel between the network element and a provisioning server, wherein the network element comprises one of a router, switch, firewall, or gateway, wherein said secure channel is adapted to download a configuration file from the provisioning server, wherein the configuration file is adapted to configure a network topology, addresses, and security parameters of the network element, wherein the network element is adapted to establish the secure channel by transmitting a serial number of the network element to the configuration device and receiving a shared secret from the configuration device responsive to the configuration device validating the serial number, wherein the shared secret is utilized to create the secure channel with the provisioning server, wherein the configuration device and the network element are shipped to a customer's site, and wherein the configuration device and the network element are communicatively coupled at the customer's site; and a controller adapted to manage communications between the network element and the configuration device and the provisioning server, said controller adapted to configure the network element once the configuration file has been downloaded from the provisioning server, the controller adapted to receive an acknowledgement transmitted from the network element, the acknowledgement indicative that the configuration file has been received and the network element has entered normal operation; wherein a web page and an applet from the provisioning server are received at the configuration device upon authentication of the customer at the provisioning server, the web page and the applet related to the network element; wherein a handshake is established between the applet and the network element; wherein a serial number from the network element is received, and wherein the downloading of the configuration file is responsive to the received serial number.
2. The element of claim 1 wherein said network element is adapted to: receive a provisioning server network address/port and the shared secret from the configuration device, the shared secret computed by a random number generator.
3. The element of claim 1 wherein said short-range transceiver uses a wireless link to communicate with the configuration device.
4. The element of claim 1 wherein said short-range transceiver uses an infrared link to communicate with the configuration device.
5. The element of claim 1 wherein the secure channel is created using Internet Key Exchange (IKE).
6. The element of claim 1 wherein the secure channel is created using Internet Protocol Security (IPSEC).
7. The element of claim 1 wherein the element is a router.
8. The element of claim 1 wherein the element is a switch, wherein the controller is adapted to request a Web page from the provisioning server.
9. The element of claim 1 wherein the element is a firewall.
10. The element of claim 1 wherein the element is a gateway.
11. The element of claim 1 wherein the element is an application server.
12. The element of claim 1 wherein the element is a proxy or reverse proxy server.
13. A method of configuring a network element via a configuration device comprising the steps of: the configuration device, authenticating the network element, wherein the network element comprises one of a router, switch, firewall, or gateway, wherein the configuration device and the network element are shipped to a customer's site, and wherein the configuration device and the network element are communicatively coupled at the customer's site; upon authentication, the network element receiving a provisioning server network address/port and shared secret from the configuration device; the network element, using the shared secret to establish a secure channel to the provisioning server, the shared secret computed by a random number generator; the network element, downloading a configuration file from the provisioning server via the secure channel, the configuration file adapted to configure a network topology, addresses, and security parameters of the network element, a controller adapted to receive an acknowledgement from the network element, wherein the acknowledgement is indicative that the configuration file has been received and the network element has entered normal operation; and receiving transmission of a web page and an applet from the provisioning server at the configuration device upon authentication of the customer at the provisioning server, the web page and the applet related to the network element; establishing a handshake between the applet and the network element; and receiving a serial number from the network element, the downloading of the configuration file responsive to the received serial number.
14. The method of claim 13 wherein said step of authenticating further comprises: transmitting a serial number associated with the network element to the configuration device.
15. The method of claim 14 wherein said serial number is transmitted via a handshake between the network element and the configuration device.
16. The method of claim 13 wherein the secure channel is created using Internet Key Exchange (IKE).
17. The method of claim 13 wherein the secure channel is created using Internet Protocol Security (IPSEC).
18. The method of claim 13 wherein the element is a router, the provisioning server adapted to transmit an order that specifies a device type and circuit boards to be included in the network element.
19. The method of claim 13 wherein the element is a switch.
20. The method of claim 13 wherein the element is a firewall.
21. The method of claim 13 wherein the element is a gateway.
22. The method of claim 13 wherein said step of authenticating includes authenticating password authorization.
23. The method of claim 13 wherein said step of authenticating includes authenticating retinal data from a customer.
24. The method of claim 13 wherein said step of authenticating includes authenticating fingerprint information from a customer.
25. The method of claim 13 wherein said step of authenticating includes authenticating a handwriting sample from a customer.
26. The method of claim 13 wherein said step of authenticating includes authenticating speech input from a customer.
January 4, 2011